Commit Graph

16738 Commits

Author SHA1 Message Date
Dana Keeler
644aa7999c Bug 1716082 - clear all ongoing connections when removing certificate error overrides r=jschanck
Differential Revision: https://phabricator.services.mozilla.com/D158613
2022-10-05 20:15:02 +00:00
Emilio Cobos Álvarez
d71d3c19ed Bug 1792809 - Make library and other windows keep stretching after bug 1665476. r=eemeli
Much like the dialog changes in bug 1792730.

Differential Revision: https://phabricator.services.mozilla.com/D158351
2022-10-04 10:21:05 +00:00
ffxbld
c6a00ce965 No Bug, mozilla-central repo-update HSTS HPKP remote-settings - a=repo-update r=dmeehan
Differential Revision: https://phabricator.services.mozilla.com/D158497
2022-10-03 13:20:51 +00:00
ffxbld
87d48b75dd No Bug, mozilla-central repo-update HSTS HPKP remote-settings tld-suffixes - a=repo-update r=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D158326
2022-09-29 16:44:52 +00:00
Yannis Juglaret
adebd56af9 Bug 1766432 - Part 4: Enable Arbitrary Code Guard in MinGW builds. r=bobowen
Differential Revision: https://phabricator.services.mozilla.com/D157906
2022-09-29 15:29:15 +00:00
Yannis Juglaret
eaa892440f Bug 1766432 - Part 3: Add Part 2 to the list of patches to apply when updating third-party. r=bobowen
Differential Revision: https://phabricator.services.mozilla.com/D157905
2022-09-29 15:29:15 +00:00
Yannis Juglaret
0b60970f1b Bug 1766432 - Part 2: Propagate custom definition for PROCESS_MITIGATION_DYNAMIC_CODE_POLICY to third-party. r=bobowen
Differential Revision: https://phabricator.services.mozilla.com/D157904
2022-09-29 15:29:14 +00:00
Mark Banner
8d1ebcb9d6 Bug 1792365 - Convert toolkit/modules consumers to use ES module imports directly. r=webdriver-reviewers,perftest-reviewers,geckoview-reviewers,extension-reviewers,preferences-reviewers,desktop-theme-reviewers,application-update-reviewers,pip-reviewers,credential-management-reviewers,robwu,Gijs,sgalich,bytesized,AlexandruIonescu,dao,m_kato
Differential Revision: https://phabricator.services.mozilla.com/D158094
2022-09-29 06:52:34 +00:00
ffxbld
4af4ff2e5b No Bug, mozilla-central repo-update HSTS HPKP remote-settings tld-suffixes - a=repo-update r=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D158124
2022-09-27 16:27:33 +00:00
ffxbld
4e99c68740 No Bug, mozilla-central repo-update HSTS HPKP remote-settings - a=repo-update r=dmeehan
Differential Revision: https://phabricator.services.mozilla.com/D157923
2022-09-22 12:46:23 +00:00
Jed Davis
a466bdb2c4 Bug 1780312 - Part 2: Allow fstatfs in the Linux RDD sandbox policy. r=gcp
As discussed in the last patch, allowing `fstatfs` will also make
`statfs` work on any path that the process could open for reading
(subject to sandbox policy).

Differential Revision: https://phabricator.services.mozilla.com/D157542
2022-09-21 17:57:54 +00:00
Jed Davis
3b5c74387e Bug 1780312 - Part 1: Move the statfs replacement into the common sandbox policy. r=gcp
We have code to handle `statfs` calls in content processes by
intercepting them and calling `open` and `fstatfs` instead; the former
is then recursively intercepted and brokered.  This patch moves that
feature into the common policy, but does not allow `fstatfs` in any
other sandbox types (yet; see next patch).  This doesn't affect security
because the caller could have attempted the `open` and `fstatfs`
syscalls itself.

Differential Revision: https://phabricator.services.mozilla.com/D157541
2022-09-21 17:57:54 +00:00
Joel Maher
4c4438b4f7 Bug 1536208 - removing old aarch64 manifest annotations. r=aryx,application-update-reviewers,bytesized
Differential Revision: https://phabricator.services.mozilla.com/D157677
2022-09-21 15:35:02 +00:00
Andreea Pavel
9f24806607 Backed out 2 changesets (bug 1768250, bug 1720601) for multiple failures CLOSED TREE
Backed out changeset d6caea480d4d (bug 1768250)
Backed out changeset 97eccf466bf3 (bug 1720601)
2022-09-20 16:50:29 +03:00
Kershaw Chang
137b76a861 Bug 1720601 - Allow token cache to store more than one token per key, r=necko-reviewers,dragana
1. Allow to store more than one token per key.
2. Allow to use the token only once. The token will be removed after reading it.
3. Add a gtest.

Differential Revision: https://phabricator.services.mozilla.com/D153605
2022-09-20 12:58:06 +00:00
Dana Keeler
bdb75eecd3 Bug 1790451 - remove now-unnecessary QueryInterface(Ci.nsITransportSecurityInfo) calls r=jschanck,webdriver-reviewers,necko-reviewers,application-update-reviewers,nalexander,valentin
Differential Revision: https://phabricator.services.mozilla.com/D157166
2022-09-20 03:58:50 +00:00
ffxbld
26a22933ed No Bug, mozilla-central repo-update HSTS HPKP remote-settings tld-suffixes - a=repo-update r=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D157632
2022-09-19 13:30:31 +00:00
John Schanck
ef80532ec8 Bug 1787505 - land NSS NSS_3_83_RTM UPGRADE_NSS_RELEASE, r=nss-reviewers,bbeurdouche
Differential Revision: https://phabricator.services.mozilla.com/D157510
2022-09-15 19:24:37 +00:00
Nika Layzell
0316dc51b9 Bug 1790614 - Part 2: Use {ASSERT,ENSURE}_NS_{SUCCEEEDED,FAILED} in gtests, r=ahal,necko-reviewers
These macros will produce better outputs when they fail than these existing
patterns using `ENSURE_TRUE(NS_SUCCEEDED(...))` or similar, so this is a bulk
rewrite of existing tests to use them.

It should also help with discoverability when people base their tests off of
other existing tests.

Differential Revision: https://phabricator.services.mozilla.com/D157214
2022-09-15 14:51:50 +00:00
ffxbld
2bddac315a No Bug, mozilla-central repo-update HSTS HPKP remote-settings - a=repo-update r=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D157441
2022-09-15 13:07:24 +00:00
Dana Keeler
0d0b51d1e4 Bug 1790152 - use nsIX509Cert directly in IPC in AddCertException r=nika
This avoids unnecessarily serializing the certificate to a string before
sending it over IPC.

Depends on D157007

Differential Revision: https://phabricator.services.mozilla.com/D157008
2022-09-14 21:49:53 +00:00
Narcis Beleuzu
855f519b0a Backed out changeset a389830fb63f (bug 1783223) for causing bug 1790713
2022-09-14 19:38:52 +03:00
John Schanck
262ca63d8f Bug 1787505 - land NSS NSS_3_83_BETA2 UPGRADE_NSS_RELEASE, r=nss-reviewers,djackson
Differential Revision: https://phabricator.services.mozilla.com/D156982
2022-09-13 16:39:55 +00:00
Nika Layzell
3d9a6d0374 Bug 1789902 - Part 2: Use XPCOM static components instead of Services in Rust, r=xpcom-reviewers,necko-reviewers,barret,valentin
Differential Revision: https://phabricator.services.mozilla.com/D156891
2022-09-13 13:47:13 +00:00
Jeff Muizelaar
64aded89bb Bug 1783223 - Enable Arbitrary Code Guard in RDD on Nightly. r=bobowen
This was previously disabled in bug 1673194 because of start up crashes.
It seems like msmpeg2vdec.dll may use dynamic code to support encrypted
code that uses. In recent versions of Windows this only seems used
in the 32bit version. The 32bit version will opt out of ACG on the
threads where it needs to use VirtualProtect so we use the weaker
variant there.

Differential Revision: https://phabricator.services.mozilla.com/D153762
2022-09-12 16:32:08 +00:00
ffxbld
d7cbba5f61 No Bug, mozilla-central repo-update HSTS HPKP remote-settings - a=repo-update r=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D157108
2022-09-12 12:48:53 +00:00
Dennis Jackson
400f4a73bf Bug 1789458 - Backout asserts from 1788290. r=keeler
Differential Revision: https://phabricator.services.mozilla.com/D156944
2022-09-09 17:15:10 +00:00
Cosmin Sabou
ecfd7cff79 Backed out changeset 7dd0bcf1eeed (bug 1787505) for causing mass mochitest failures. r=land NSS NSS_3_83_BETA1 UPGRADE_NSS_RELEASE CLOSED TREE
2022-09-09 01:53:53 +03:00
John Schanck
db095eb9f2 Bug 1787505 - land NSS NSS_3_83_BETA1 UPGRADE_NSS_RELEASE, r=keeler
2022-09-08  John M. Schanck  <jschanck@mozilla.com>

	* lib/nss/nss.h, lib/softoken/softkver.h, lib/util/nssutil.h:
	Set version numbers to 3.83 beta
	[97fec8885336] [NSS_3_83_BETA1]

	* lib/softoken/pkcs11.c:
	Bug 1789886 - resource leak in NSC_OpenSession. r=bbeurdouche

	[b225a756abc2]

	* lib/pkcs12/p12d.c:
	Bug 1788875 - Remove set-but-unused variables from
	SEC_PKCS12DecoderValidateBags. r=nss-reviewers,bbeurdouche

	[132476bbefc5]

2022-09-07  Ludovic Hirlimann  <ludovic@mozilla.com>

	* cmd/lib/secpwd.c, coreconf/BeOS.mk, coreconf/config.mk,
	coreconf/nsinstall/nsinstall.c, lib/certhigh/ocsp.c,
	lib/dbm/include/mcom_db.h, lib/freebl/sysrand.c,
	lib/freebl/unix_rand.c, lib/jar/jar.h, lib/jar/jarfile.c,
	lib/nss/nssinit.c, lib/ssl/config.mk, lib/ssl/sslimpl.h,
	lib/ssl/sslmutex.c, lib/ssl/sslmutex.h, lib/ssl/sslnonce.c,
	lib/ssl/sslsnce.c, lib/ssl/sslsock.c, lib/ssl/unix_err.c,
	lib/util/secport.c, lib/util/secport.h, lib/zlib/zconf.h,
	lib/zlib/zutil.h:
	Bug 1563221 remove older oses that are unused part3/ BeOS r=nss-
	reviewers,djackson

	Depends on D36757

	[e0b144ea73b7]

	* coreconf/IRIX.mk, coreconf/IRIX5.2.mk, coreconf/IRIX5.3.mk,
	coreconf/IRIX5.mk, coreconf/IRIX6.2.mk, coreconf/IRIX6.3.mk,
	coreconf/IRIX6.5.mk, coreconf/IRIX6.mk, coreconf/arch.mk,
	lib/freebl/Makefile, lib/freebl/mpi/mpi.h, tests/set_environment:
	Bug 1563221 remove older unix support in NSS part 3 Irix r=nss-
	reviewers,djackson

	Depends on D36756

	[ee2e9b06b590]

	* lib/dbm/config/config.mk:
	Bug 1563221 remove support for older unix in NSS part 2 DGUX r=nss-
	reviewers,djackson

	Depends on D36755

	[b066df5e9148]

	* cmd/modutil/install.c, coreconf/OSF1.mk, coreconf/OSF1V2.0.mk,
	coreconf/OSF1V3.0.mk, coreconf/OSF1V3.2.mk, coreconf/OSF1V4.0.mk,
	coreconf/OSF1V4.0B.mk, coreconf/OSF1V4.0D.mk, coreconf/OSF1V5.0.mk,
	coreconf/OSF1V5.1.mk, coreconf/arch.mk, lib/dbm/config/config.mk,
	lib/freebl/Makefile, lib/freebl/arcfour.c, lib/freebl/mpi/mpi.c,
	lib/freebl/unix_rand.c, lib/ssl/sslsnce.c, tests/header,
	tests/mksymlinks, tests/nssqa, tests/platformlist.tbx,
	tests/set_environment:
	Bug 1563221 remove support for older unix in NSS part 1 OSF r=nss-
	reviewers,djackson

	[17f9365a7a1d]

2022-09-07  John M. Schanck  <jschanck@mozilla.com>

	* lib/ckfw/builtins/nssckbi.h:
	Bug 1778413 - Set nssckbi version number to 2.58. r=nss-
	reviewers,bbeurdouche

	Depends on D156583

	[2367ce7cdd32]

	* lib/ckfw/builtins/certdata.txt:
	Bug 1785297 - Add two SECOM root certificates to NSS.
	r=KathleenWilson

	Depends on D156582

	[9be22516dac9]

	* lib/ckfw/builtins/certdata.txt:
	Bug 1787075 - Add two DigitalSign root certificates to NSS.
	r=KathleenWilson

	Depends on D156581

	[04200c0488ee]

	* lib/ckfw/builtins/certdata.txt:
	Bug 1778412 - Remove Camerfirma Global Chambersign Root from NSS.
	r=KathleenWilson

	[a217a119cff1]

2022-09-06  John M. Schanck  <jschanck@mozilla.com>

	* lib/softoken/pkcs11.c, lib/softoken/pkcs11u.c:
	Bug 1767921 - check SFTKSlot head after acquiring session lock.
	r=rrelyea

	[ed04d4729b99]

2022-08-30  Kai Engert  <kaie@kuix.de>

	* coreconf/coreconf.dep:
	Dummy change, trigger a build to test latest NSPR commits.
	[bb1ae751d359]

Differential Revision: https://phabricator.services.mozilla.com/D156884
2022-09-08 20:11:56 +00:00
ffxbld
1f2d882e17 No Bug, mozilla-central repo-update HSTS HPKP remote-settings - a=repo-update r=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D156815
2022-09-08 13:47:22 +00:00
Bob Owen
3d2f6719a8 Bug 1788233: Remove PermissionsService from process Windows sandboxing code. r=handyman
Depends on D156069

Differential Revision: https://phabricator.services.mozilla.com/D156087
2022-09-07 09:42:04 +00:00
Bob Owen
692f8a5532 Bug 1689136: Apply MITIGATION_HARDEN_TOKEN_IL_POLICY to main and launcher processes. r=handyman
This also ensures that DEP without ATL thunk is enforced.

Differential Revision: https://phabricator.services.mozilla.com/D156069
2022-09-07 09:42:04 +00:00
ffxbld
dcae9a94c1 No Bug, mozilla-central repo-update HSTS HPKP remote-settings tld-suffixes - a=repo-update r=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D156422
2022-09-06 03:01:37 +00:00
Jan Varga
c8263583ce Bug 1789133 - Fix non-unified-build bustage in SandboxTestingChildTests.h; r=gerard-majax
Differential Revision: https://phabricator.services.mozilla.com/D156376
2022-09-04 15:01:06 +00:00
alwu
429ad203bb Bug 1785738 - part5 : don't set alternative desktop for the mf cdm process. r=bobowen
When setting alternative desktop for the mf cdm process, it seems
interfering the media foundation framework and make the video playback
stutter.

But if we call `SetAlternateDesktop(false)` which won't create a new
window station, then the video playback won't be affected.

My guess is that there might be some internal performance issues
inside the media foundation framework when using Dcomp API between
different window stations.

In addition, Chromium also didn't enable alternative desktop for their
mf cdm process. So it makes sense to us to disable that as well.

Differential Revision: https://phabricator.services.mozilla.com/D155026
2022-09-03 00:54:00 +00:00
alwu
24c4bb6bd5 Bug 1785738 - part1 : add new type of utility process. r=bobowen,gerard-majax,fluent-reviewers,flod
Create a new type of utility process which would be used for media
foundation media engine CDM usage. The media engine is a media pipeline
provided by the Windows Media Foundation, and our final goal is to use
that pipeline to play encrypted content in order to achieve Widevine L1
protection to allow users to watch high resolution videos.

Differential Revision: https://phabricator.services.mozilla.com/D154033
2022-09-03 00:53:58 +00:00
Dana Keeler
8c1204afeb Bug 1788856 - initialize NSS as needed in nsNSSCertificate r=jschanck
Previously, instantiating an nsIX509Cert (implemented by nsNSSCertificate)
would cause NSS to be initialized. However, if 'new nsNSSCertificate()' was
called directly (rather than going through XPCOM), NSS would not be
initialized. This didn't seem to be a problem until bug 1787942 changed how
nsITransportSecurityInfo was sent between processes for PHttpChannel and
HttpChannelOnStartRequestArgs (namely, by using the direct IPC support rather
than first serializing to a string, sending it over IPC, and then deserializing
it). That direct IPC implementation uses 'new nsNSSCertificate()', which is now
a problem.

nsNSSCertificate used to make extensive use of NSS, which warranted ensuring
NSS was initialized before creating one at all. Now, as of bug 1748341, the
cases where nsNSSCertificate uses NSS are limited and clearly delineated.
Accordingly, this change makes it so nsNSSCertificate only initializes NSS if
and when it needs it, rather than relying on the XPCOM boilerplate to
initialize NSS first.

Differential Revision: https://phabricator.services.mozilla.com/D156353
2022-09-02 22:26:37 +00:00
Dennis Jackson
a7c2f2a620 Bug 1788290 - Add the telemetry for Web Privacy. r=keeler.
Differential Revision: https://phabricator.services.mozilla.com/D156107
2022-09-02 20:59:35 +00:00
Dennis Jackson
97f4470f70 Bug 1788290 - Record whether Private DNS was used for a TLS Connection. r=keeler,necko-reviewers,valentin.
Differential Revision: https://phabricator.services.mozilla.com/D156106
2022-09-02 20:59:35 +00:00
Dennis Jackson
a0e440195f Bug 1788290 - Record whether OCSP requests were made whilst making a TLS connection. r=keeler,necko-reviewers.
Differential Revision: https://phabricator.services.mozilla.com/D156105
2022-09-02 20:59:34 +00:00
Butkovits Atila
7fed5a7ef2 Backed out 3 changesets (bug 1788290) for causing build bustages. CLOSED TREE
Backed out changeset 52d5a06be477 (bug 1788290)
Backed out changeset a3b5d214b5d4 (bug 1788290)
Backed out changeset e94a38b79965 (bug 1788290)
2022-09-02 19:13:34 +03:00
Dennis Jackson
ea92d08e39 Bug 1788290 - Add the telemetry for Web Privacy. r=keeler.
Differential Revision: https://phabricator.services.mozilla.com/D156107
2022-09-02 14:16:08 +00:00
Dennis Jackson
4b3a179797 Bug 1788290 - Record whether Private DNS was used for a TLS Connection. r=keeler,necko-reviewers,valentin.
Differential Revision: https://phabricator.services.mozilla.com/D156106
2022-09-02 14:16:07 +00:00
Dennis Jackson
0e389c049e Bug 1788290 - Record whether OCSP requests were made whilst making a TLS connection. r=keeler,necko-reviewers.
Differential Revision: https://phabricator.services.mozilla.com/D156105
2022-09-02 14:16:07 +00:00
Alexandre Lissy
ac1cbfd25b Bug 1788689 - Disable MITIGATION_DYNAMIC_CODE_DISABLE for more MinGW r=bobowen
Differential Revision: https://phabricator.services.mozilla.com/D156273
2022-09-02 09:17:50 +00:00
Dana Keeler
865a8ba6b7 Bug 1778997 - provide pkcs11 rust bindings in-tree r=jschanck,supply-chain-reviewers
Differential Revision: https://phabricator.services.mozilla.com/D154258
2022-09-01 20:48:25 +00:00
ffxbld
e57987e3d0 No Bug, mozilla-central repo-update HSTS HPKP remote-settings - a=repo-update r=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D156168
2022-09-01 13:14:23 +00:00
Alexandre Lissy
b135ca0732 Bug 1780796 - Use one process per platform decoder module sandbox requirements r=alwu,nika,fluent-reviewers,flod
Differential Revision: https://phabricator.services.mozilla.com/D152545
2022-09-01 12:59:32 +00:00
ffxbld
353baa4945 No Bug, mozilla-central repo-update HSTS HPKP remote-settings tld-suffixes - a=repo-update r=RyanVM
Differential Revision: https://phabricator.services.mozilla.com/D155828
2022-08-29 13:18:01 +00:00
Iulian Moraru
26ac918f96 Backed out changeset 8feed89ecea4 (bug 1787268) for causing build bustages. CLOSED TREE
2022-08-27 01:31:43 +03:00